eduGAIN policy update Status update REFEDs 31st October 2010 [email protected] Innovation through participation eduGAIN project in general eduGAIN (a.k.a.
Download ReportTranscript eduGAIN policy update Status update REFEDs 31st October 2010 [email protected] Innovation through participation eduGAIN project in general eduGAIN (a.k.a.
eduGAIN policy update Status update REFEDs 31st October 2010 [email protected] Innovation through participation eduGAIN project in general eduGAIN (a.k.a. GÉANT3 Service Activity 3, Task 3) Create a service that allows federations to interfederate Timeline 10/2010 pilot starts 4/2011 production starts, policy signed For details, listen to I2MM speak by Valter Nordh Policy sub-task: Mikael Linden Innovation through participation eduGAIN interconnects participant federations Service Provider (a Member) SP AP IdP SP SP Participant Federation Participant Federation Home Organisation (a Member) IdP IdP SP IdP IdP eduGAIN service Participant Federation SP Participant Federation SP Entities IdP SP SP IdP Innovation through participation Some design criteria Existing participant federations’ policies are not changed eduGAIN only mediates participant federations’ SAML2 metadata Mandatory requirements for Home Orgs and SPs minimised Behavioral issues (LoA, privacy) left to eduGAIN’s optional profiles Attribute changes minimised eduGAIN attribute profile recommends displayName, CN, mail, eP[S]A, schacHomeOrg, schacHomeOrgType Initially WebSSO, but leaves the door open for else Optional SAML WebSSO profile (SAML2int.org v0.2) Initially European, but leaves the door open for others Funding comes from Europe Other federations can join as well Innovation through participation eduGAIN bodies NREN PC The governing body of the GEANT project Technical Steering Group (TSG) One delegate from each participant federation Operational Team (OT) Daily technical issues Innovation through participation Policy structure and profiles eduGAIN Constitution (NREN PC approves/changes) refers to Policy Declaration Policy Declaration (signed by Federation 1) Policy Declaration (signed by Federation 2) (signed by Federation 3) is supplemented by Profiles, Profiles,required required (NREN (NRENPC PCapproves/changes) approves/changes) Profiles, Profiles, recommended recommended (TSG (TSGapproves/changes) approves/changes) Profiles, Profiles,optional optional (TSG (TSGapproves/changes) approves/changes) Proposed profiles: Metadata profile (MUST) WebSSO profile (MAY) Attribute profile (SHOULD) Data protection profile (MAY), Identified work items: LoA profile (MAY) www.edugain.org/policy (c.f. EU data protection directive) Innovation through participation